diff options
-rw-r--r-- | security/krb5-16/Makefile | 1 | ||||
-rw-r--r-- | security/krb5-16/files/patch-kadmin::v4server::kadm_ser_wrap.c | 26 | ||||
-rw-r--r-- | security/krb5-17/Makefile | 1 | ||||
-rw-r--r-- | security/krb5-17/files/patch-kadmin::v4server::kadm_ser_wrap.c | 26 | ||||
-rw-r--r-- | security/krb5-appl/Makefile | 1 | ||||
-rw-r--r-- | security/krb5-appl/files/patch-kadmin::v4server::kadm_ser_wrap.c | 26 | ||||
-rw-r--r-- | security/krb5/Makefile | 1 | ||||
-rw-r--r-- | security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c | 26 |
8 files changed, 108 insertions, 0 deletions
diff --git a/security/krb5-16/Makefile b/security/krb5-16/Makefile index f2b7f85423f0..ee035fabec97 100644 --- a/security/krb5-16/Makefile +++ b/security/krb5-16/Makefile @@ -7,6 +7,7 @@ PORTNAME= krb5 PORTVERSION= 1.2.6 +PORTREVISION= 1 CATEGORIES= security .if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO" MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/ diff --git a/security/krb5-16/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5-16/files/patch-kadmin::v4server::kadm_ser_wrap.c new file mode 100644 index 000000000000..2fa89e96690b --- /dev/null +++ b/security/krb5-16/files/patch-kadmin::v4server::kadm_ser_wrap.c @@ -0,0 +1,26 @@ +--- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000 ++++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002 +@@ -170,14 +170,21 @@ + u_char *retdat, *tmpdat; + int retval, retlen; + +- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { ++ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4)) ++ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { + errpkt(dat, dat_len, KADM_BAD_VER); + return KADM_BAD_VER; + } + in_len = KADM_VERSIZE; + /* get the length */ +- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0) ++ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0 ++ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4)) ++ || (*dat_len - r_len - KADM_VERSIZE - ++ sizeof(krb5_ui_4) > sizeof(authent.dat))) { ++ errpkt(dat, dat_len, KADM_LENGTH_ERROR); + return KADM_LENGTH_ERROR; ++ } ++ + in_len += retc; + authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4); + memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length); diff --git a/security/krb5-17/Makefile b/security/krb5-17/Makefile index f2b7f85423f0..ee035fabec97 100644 --- a/security/krb5-17/Makefile +++ b/security/krb5-17/Makefile @@ -7,6 +7,7 @@ PORTNAME= krb5 PORTVERSION= 1.2.6 +PORTREVISION= 1 CATEGORIES= security .if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO" MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/ diff --git a/security/krb5-17/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5-17/files/patch-kadmin::v4server::kadm_ser_wrap.c new file mode 100644 index 000000000000..2fa89e96690b --- /dev/null +++ b/security/krb5-17/files/patch-kadmin::v4server::kadm_ser_wrap.c @@ -0,0 +1,26 @@ +--- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000 ++++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002 +@@ -170,14 +170,21 @@ + u_char *retdat, *tmpdat; + int retval, retlen; + +- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { ++ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4)) ++ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { + errpkt(dat, dat_len, KADM_BAD_VER); + return KADM_BAD_VER; + } + in_len = KADM_VERSIZE; + /* get the length */ +- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0) ++ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0 ++ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4)) ++ || (*dat_len - r_len - KADM_VERSIZE - ++ sizeof(krb5_ui_4) > sizeof(authent.dat))) { ++ errpkt(dat, dat_len, KADM_LENGTH_ERROR); + return KADM_LENGTH_ERROR; ++ } ++ + in_len += retc; + authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4); + memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length); diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile index f2b7f85423f0..ee035fabec97 100644 --- a/security/krb5-appl/Makefile +++ b/security/krb5-appl/Makefile @@ -7,6 +7,7 @@ PORTNAME= krb5 PORTVERSION= 1.2.6 +PORTREVISION= 1 CATEGORIES= security .if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO" MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/ diff --git a/security/krb5-appl/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5-appl/files/patch-kadmin::v4server::kadm_ser_wrap.c new file mode 100644 index 000000000000..2fa89e96690b --- /dev/null +++ b/security/krb5-appl/files/patch-kadmin::v4server::kadm_ser_wrap.c @@ -0,0 +1,26 @@ +--- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000 ++++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002 +@@ -170,14 +170,21 @@ + u_char *retdat, *tmpdat; + int retval, retlen; + +- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { ++ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4)) ++ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { + errpkt(dat, dat_len, KADM_BAD_VER); + return KADM_BAD_VER; + } + in_len = KADM_VERSIZE; + /* get the length */ +- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0) ++ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0 ++ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4)) ++ || (*dat_len - r_len - KADM_VERSIZE - ++ sizeof(krb5_ui_4) > sizeof(authent.dat))) { ++ errpkt(dat, dat_len, KADM_LENGTH_ERROR); + return KADM_LENGTH_ERROR; ++ } ++ + in_len += retc; + authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4); + memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length); diff --git a/security/krb5/Makefile b/security/krb5/Makefile index f2b7f85423f0..ee035fabec97 100644 --- a/security/krb5/Makefile +++ b/security/krb5/Makefile @@ -7,6 +7,7 @@ PORTNAME= krb5 PORTVERSION= 1.2.6 +PORTREVISION= 1 CATEGORIES= security .if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO" MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/ diff --git a/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c new file mode 100644 index 000000000000..2fa89e96690b --- /dev/null +++ b/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c @@ -0,0 +1,26 @@ +--- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000 ++++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002 +@@ -170,14 +170,21 @@ + u_char *retdat, *tmpdat; + int retval, retlen; + +- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { ++ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4)) ++ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { + errpkt(dat, dat_len, KADM_BAD_VER); + return KADM_BAD_VER; + } + in_len = KADM_VERSIZE; + /* get the length */ +- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0) ++ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0 ++ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4)) ++ || (*dat_len - r_len - KADM_VERSIZE - ++ sizeof(krb5_ui_4) > sizeof(authent.dat))) { ++ errpkt(dat, dat_len, KADM_LENGTH_ERROR); + return KADM_LENGTH_ERROR; ++ } ++ + in_len += retc; + authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4); + memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length); |